Hacking group releases more Stratfor subscriber data

Hackers released another batch of data on Thursday pilfered from Stratfor Global Intelligence, a widely used research and analysis company whose website was attacked last weekend.

The data dump includes 75,000 names and addresses of subscribers to the analysis service

By
Jeremy Kirk
| 30 Dec 2011

Hackers released another batch of data on Thursday pilfered from Stratfor Global Intelligence, a widely used research and analysis company whose website was attacked last weekend.

The data purports to be the names and credit-card numbers of people who have purchased research from Stratfor plus hundreds of thousands of user names and e-mail addresses used to register with the website.

The hackers, believed to be part of the Anonymous movement, described the data on Pastebin, then provided several links to websites hosting the information. They noted that some 50,000 of the e-mail addresses released end in ".mil" or ".gov."

The data comprises 75,000 names, credit card numbers and MD5 hashes, or cryptographic representations, of passwords for people who have paid Stratfor for research. The group also said the data contains 860,000 user names, e-mail addresses and MD5 hashes for passwords for anyone who has registered on Stratfor's website.

Stratfor said on Thursday that it was offering a free one-year subscription to an identity protection service to those affected.

Stratfor's CEO, George Friedman, wrote on the company's Facebook page on Monday that the intrusion revealed the names of some corporate subscribers along with personal and credit card data.

A first batch of data was released by hackers shortly after the breach. Stratfor denied the hackers' claim that data was a list of "private clients" but rather a list of members who may have purchased a publication.

Barrett Brown, a de facto spokesman for Anonymous, wrote on Pastebin on Monday that the hacking wasn't aimed at stealing credit card numbers but rather 2.7 million internal e-mails.

"This wealth of data includes correspondence with untold thousands of contacts who have spoken to Stratfor's employees off the record over more than a decade," Brown wrote. "Many of those contacts work for major corporations within the intelligence and military contracting sectors, government agencies and other institutions."

Those e-mails have yet to be released and could present another headache for Stratfor. The company's website was still down as of Friday, and officials could not be immediately reached by phone.